New Frontiers in Adversarial Machine Learning

Workshop

New Frontiers in Adversarial Machine Learning

Sijia Liu · Pin-Yu Chen · Dongxiao Zhu · Eric Wong · Kathrin Grosse · Hima Lakkaraju · Sanmi Koyejo

Room 343 - 344

Fri 22 Jul, 5:50 a.m. PDT

[ Abstract ] Workshop Website

Adversarial machine learning (AdvML), which aims at tricking ML models by providing deceptive inputs, has been identified as a powerful method to improve various trustworthiness metrics (e.g., adversarial robustness, explainability, and fairness) and to advance versatile ML paradigms (e.g., supervised and self-supervised learning, and static and continual learning). As a consequence of the proliferation of AdvML-inspired research works, the proposed workshop–New Frontiers in AdvML–aims to identify the challenges and limitations of current AdvML methods and explore new prospective and constructive views of AdvML across the full theory/algorithm/application stack. The workshop will explore the new frontiers of AdvML from the following new perspectives: (1) advances in foundational AdvML research, (2) principles and practice of scalable AdvML, and (3) AdvML for good. This will be a full-day workshop, which accepts full paper submissions (up to 6 pages) as well as “blue sky” extended abstract submissions (up to 2 pages).

Chat is not available.

Timezone: America/Los_Angeles

Schedule

Fri 5:50 a.m. - 6:00 a.m.	Opening Remarks ( Opening Remarks ) >	🔗
Fri 6:00 a.m. - 6:30 a.m.	Adversarial attacks on deep learning : Model explanation & transfer to the physical world ( Talk ) > link SlidesLive Video Link	Ajmal Mian 🔗
Fri 6:30 a.m. - 7:00 a.m.	A tale of adversarial attacks & out-of-distribution detection stories in the activation space ( Talk ) > link SlidesLive Video Link	Celia Cintas 🔗
Fri 7:00 a.m. - 7:06 a.m.	Model Transferability With Responsive Decision Subjects ( Poster ) > SlidesLive Video	Yang Liu · Yatong Chen · Zeyu Tang · Kun Zhang 🔗
Fri 7:06 a.m. - 7:12 a.m.	What is a Good Metric to Study Generalization of Minimax Learners? ( Poster ) > SlidesLive Video	Asuman Ozdaglar · Sarath Pattathil · Jiawei Zhang · Kaiqing Zhang 🔗
Fri 7:12 a.m. - 7:18 a.m.	Toward Efficient Robust Training against Union of Lp Threat Models ( Poster ) > SlidesLive Video	Gaurang Sriramanan · Maharshi Gor · Soheil Feizi 🔗
Fri 7:18 a.m. - 7:26 a.m.	On the interplay of adversarial robustness and architecture components: patches, convolution and attention ( Poster ) > SlidesLive Video	Francesco Croce · Matthias Hein 🔗
Fri 7:30 a.m. - 8:00 a.m.	Machine Learning Security: Lessons Learned and Future Challenges ( Talk ) > link SlidesLive Video Link	Battista Biggio 🔗
Fri 8:00 a.m. - 8:30 a.m.	What Can the Primate Brain Teach Us about Robust Object Recognition? ( Talk ) > link SlidesLive Video Link	Joel Dapello 🔗
Fri 8:30 a.m. - 9:00 a.m.	Poster Session ( Poster Session ) >	🔗
Fri 9:00 a.m. - 10:00 a.m.	Lunch ( Lunch ) >	🔗
Fri 10:00 a.m. - 10:30 a.m.	New adversarial ML applications on safety-critical human-robot systems ( Talk ) > link SlidesLive Video Link	Changliu Liu 🔗
Fri 10:30 a.m. - 11:00 a.m.	Dr. Aleksander Madry's Talk ( Talk ) > link SlidesLive Video Link	Aleksander Madry 🔗
Fri 11:00 a.m. - 11:05 a.m.	Overcoming Adversarial Attacks for Human-in-the-Loop Applications ( Blue Sky Idea ) > SlidesLive Video	Ryan McCoppin · Sean Kennedy · Platon Lukyanenko · Marla Kennedy 🔗
Fri 11:05 a.m. - 11:10 a.m.	Ad Hoc Teamwork in the Presence of Adversaries ( Blue Sky Idea ) > SlidesLive Video	Ted Fujimoto · Samrat Chatterjee · Auroop R Ganguly 🔗
Fri 11:10 a.m. - 11:15 a.m.	Learner Knowledge Levels in Adversarial Machine Learning ( Blue Sky Idea ) > SlidesLive Video	Sophie Dai · Prateek Mittal 🔗
Fri 11:19 a.m. - 11:23 a.m.	Easy Batch Normalization ( Blue Sky Idea ) > SlidesLive Video	Arip Asadulaev · Alexander Panfilov · Andrey Filchenkov 🔗
Fri 11:23 a.m. - 11:27 a.m.	Adversarial Training Improve Joint Energy-Based Generative Modelling ( Blue Sky Idea ) > SlidesLive Video	Rostislav Korst · Arip Asadulaev 🔗
Fri 11:27 a.m. - 11:30 a.m.	Multi-step domain adaptation by adversarial attack to $\mathcal{H} \Delta \mathcal{H}$-divergence ( Blue Sky Idea ) > SlidesLive Video	Arip Asadulaev · Alexander Panfilov · Andrey Filchenkov 🔗
Fri 11:30 a.m. - 12:00 p.m.	Robust physical perturbation attacks and defenses for deep learning visual classifiers ( Talk ) > link SlidesLive Video Link	Atul Prakash 🔗
Fri 12:00 p.m. - 12:30 p.m.	Adversarial Robustness and Cryptography ( Talk ) > link SlidesLive Video Link	Somesh Jha 🔗
Fri 12:30 p.m. - 2:00 p.m.	Poster Session ( Poster Session ) >	🔗
Fri 2:00 p.m. - 2:10 p.m.	Closing Remarks ( Closing Remarks ) >	🔗
-	Rethinking Multidimensional Discriminator Output for Generative Adversarial Networks ( Poster ) >	Mengyu Dai · Haibin Hang · Anuj Srivastava 🔗
-	Generative Models with Information-Theoretic Protection Against Membership Inference Attacks ( Poster ) > SlidesLive Video	Parisa Hassanzadeh · Robert Tillman 🔗
-	Availability Attacks on Graph Neural Networks ( Poster ) > SlidesLive Video	Shyam Tailor · Miguel Tairum Cruz · Tiago Azevedo · Nic Lane · Partha Maji 🔗
-	Robust Models are less Over-Confident ( Poster ) > SlidesLive Video	Julia Grabinski · Paul Gavrikov · Janis Keuper · Margret Keuper 🔗
-	Exploring Adversarial Attacks and Defenses in Vision Transformers trained with DINO ( Poster ) > SlidesLive Video	Javier Rando · Thomas Baumann · Nasib Naimi · Max Mathys 🔗
-	Distributionally Robust counterfactual Explanations via an End-to-End Training Approach ( Poster ) > SlidesLive Video	Hangzhi Guo · Feiran Jia · Jinghui Chen · Anna Squicciarini · Amulya Yadav 🔗
-	Meta-Learning Adversarial Bandits ( Poster ) >	Nina Balcan · Keegan Harris · Mikhail Khodak · Steven Wu 🔗
-	Boosting Image Generation via a Robust Classifier ( Poster ) >	Roy Ganz · Michael Elad 🔗
-	Why adversarial training can hurt robust accuracy ( Poster ) > SlidesLive Video	jacob clarysse · Julia Hörrmann · Fanny Yang 🔗
-	Superclass Adversarial Attack ( Poster ) > SlidesLive Video	Soichiro Kumano · Hiroshi Kera · Toshihiko Yamasaki 🔗
-	Individually Fair Learning with One-Sided Feedback ( Poster ) > SlidesLive Video	Yahav Bechavod · Aaron Roth 🔗
-	Multi-Task Federated Reinforcement Learning with Adversaries ( Poster ) > SlidesLive Video	Aqeel Anwar · Zishen Wan · Arijit Raychowdhury 🔗
-	Adversarial Cheap Talk ( Poster ) >	Christopher Lu · Timon Willi · Alistair Letcher · Jakob Foerster 🔗
-	Thinking Two Moves Ahead: Anticipating Other Users Improves Backdoor Attacks in Federated Learning ( Poster ) > SlidesLive Video	Yuxin Wen · Jonas Geiping · Liam Fowl · Hossein Souri · Rama Chellappa · Micah Goldblum · Tom Goldstein 🔗
-	Synthetic Dataset Generation for Adversarial Machine Learning Research ( Poster ) > SlidesLive Video	Xiruo Liu · Shibani Singh · Cory Cornelius · Colin Busho · Mike Tan · Anindya Paul · Jason Martin 🔗
-	Making Corgis Important for Honeycomb Classification: Adversarial Attacks on Concept-based Explainability Tools ( Poster ) > SlidesLive Video	Davis Brown · Henry Kvinge 🔗
-	Do Perceptually Aligned Gradients Imply Adversarial Robustness? ( Poster ) >	Roy Ganz · Bahjat Kawar · Michael Elad 🔗
-	Make Some Noise: Reliable and Efficient Single-Step Adversarial Training ( Poster ) > SlidesLive Video	Pau de Jorge Aranda · Adel Bibi · Riccardo Volpi · Amartya Sanyal · Phil Torr · Gregory Rogez · Puneet Dokania 🔗
-	Catastrophic overfitting is a bug but also a feature ( Poster ) >	Guillermo Ortiz Jimenez · Pau de Jorge Aranda · Amartya Sanyal · Adel Bibi · Puneet Dokania · Pascal Frossard · Gregory Rogez · Phil Torr 🔗
-	Fair Universal Representations using Adversarial Models ( Poster ) > SlidesLive Video	Monica Welfert · Peter Kairouz · Jiachun Liao · Chong Huang · Lalitha Sankar 🔗
-	Sleeper Agent: Scalable Hidden Trigger Backdoors for Neural Networks Trained from Scratch ( Poster ) >	Hossein Souri · Liam Fowl · Rama Chellappa · Micah Goldblum · Tom Goldstein 🔗
-	Early Layers Are More Important For Adversarial Robustness ( Poster ) > SlidesLive Video	Can Bakiskan · Metehan Cekic · Upamanyu Madhow 🔗
-	Provably Adversarially Robust Detection of Out-of-Distribution Data (Almost) for Free ( Poster ) > SlidesLive Video	Alexander Meinke · Julian Bitterwolf · Matthias Hein 🔗
-	Attacking Adversarial Defences by Smoothing the Loss Landscape ( Poster ) > SlidesLive Video	Panagiotis Eustratiadis · Henry Gouk · Da Li · Timothy Hospedales 🔗
-	Sound randomized smoothing in floating-point arithmetics ( Poster ) > SlidesLive Video	Václav Voráček · Matthias Hein 🔗
-	Robustness in deep learning: The width (good), the depth (bad), and the initialization (ugly) ( Poster ) > SlidesLive Video	Zhenyu Zhu · Fanghui Liu · Grigorios Chrysos · Volkan Cevher 🔗
-	Riemannian data-dependent randomized smoothing for neural network certification ( Poster ) >	Pol Labarbarie · Hatem Hajri · Marc Arnaudon 🔗
-	Adversarial robustness of $\beta-$VAE through the lens of local geometry ( Poster ) > SlidesLive Video	Asif Khan · Amos Storkey 🔗
-	``Why do so?'' --- A practical perspective on adversarial machine learning ( Poster ) > SlidesLive Video	Kathrin Grosse · Lukas Bieringer · Tarek R. Besold · Battista Biggio · Katharina Krombholz 🔗
-	Adversarial Estimation of Riesz Representers ( Poster ) >	Victor Chernozhukov · Whitney Newey · Rahul Singh · Vasilis Syrgkanis 🔗
-	Saliency Guided Adversarial Training for Tackling Generalization Gap with Applications to Medical Imaging Classification System ( Poster ) > SlidesLive Video	Xin Li · Yao Qiang · CHNEGYIN LI · Sijia Liu · Dongxiao Zhu 🔗
-	Self-Destructing Models: Increasing the Costs of Harmful Dual Uses in Foundation Models ( Poster ) > SlidesLive Video	Eric Mitchell · Peter Henderson · Christopher Manning · Dan Jurafsky · Chelsea Finn 🔗
-	Illusionary Attacks on Sequential Decision Makers and Countermeasures ( Poster ) > SlidesLive Video	Tim Franzmeyer · Joao Henriques · Jakob Foerster · Phil Torr · Adel Bibi · Christian Schroeder 🔗
-	Can we achieve robustness from data alone? ( Poster ) > SlidesLive Video	Julia Kempe · Nikolaos Tsilivis · Jingtong Su 🔗
-	Gradient-Based Adversarial and Out-of-Distribution Detection ( Poster ) > SlidesLive Video	Jinsol Lee · Mohit Prabhushankar · Ghassan AlRegib 🔗
-	Investigating Why Contrastive Learning Benefits Robustness against Label Noise ( Poster ) >	Yihao Xue · Kyle Whitecross · Baharan Mirzasoleiman 🔗
-	Layerwise Hebbian/anti-Hebbian (HaH) Learning In Deep Networks: A Neuro-inspired Approach To Robustness ( Poster ) > SlidesLive Video	Metehan Cekic · Can Bakiskan · Upamanyu Madhow 🔗
-	Efficient and Effective Augmentation Strategy for Adversarial Training ( Poster ) > SlidesLive Video	Sravanti Addepalli · Samyak Jain · Venkatesh Babu Radhakrishnan 🔗
-	Robust Empirical Risk Minimization with Tolerance ( Poster ) >	Robi Bhattacharjee · Max Hopkins · Akash Kumar · Hantao Yu · Kamalika Chaudhuri 🔗
-	Towards Out-of-Distribution Adversarial Robustness ( Poster ) > SlidesLive Video	Adam Ibrahim · Charles Guille-Escuret · Ioannis Mitliagkas · Irina Rish · David Krueger · Pouya Bashivan 🔗
-	Reducing Exploitability with Population Based Training ( Poster ) > SlidesLive Video	Pavel Czempin · 🔗
-	RUSH: Robust Contrastive Learning via Randomized Smoothing ( Poster ) >	Yijiang Pang · Boyang Liu · Jiayu Zhou 🔗
-	Welcome to New Frontiers in Adversarial Machine Learning@ICML 2022! ( Introduction ) >	Yuguang Yao 🔗
-	Dr. Nitesh Chawla's Talk ( Talk ) > link Link	Nitesh Chawla 🔗